Current Threats

Dell SecureWorks and other managed security service providers, in an update this week, said ongoing attacks consist mainly of probes for systems vulnerable to the Shellshock Bash command-line interpreter vulnerability. FireEye has uncovered attempts against NAS systems.

With the launch of Traps, Palo Alto Networks looks to win multimillion dollar data center deals as an enterprise-wide security platform prevention company rather than just a next generation firewall provider.

Apple refutes reports that the Shellshock bug is a threat to OS X users. Experts say the vulnerability could rival the impact of Heartbleed, and it's on the vendors and companies with webservers to get ahead of the issue.

An analysis of the remediation effort underway to correct various vulnerabilities to the government's Healthcare.gov website found that, despite some improvements, critical weaknesses had not been properly addressed.

Microsoft for years refused to pay security researchers that found and submitted bugs, but that changed last year. Now it's expanding its scope to also pay researchers for finding glitches in Office 365.

Apple Pay could trigger a new wave of attacks against Apple devices if consumers increasingly use their smartphones for banking and shopping, say security experts monitoring the deployment of the payment system.

From a toy that was deemed a threat to national security to a refrigerator that spews out spam and phishing attacks, security researchers say some of these bizarre threats demonstrate how common security vulnerabilities can potentially cause damage and even death.

The authors of data stealing malware and phishing campaigns are frequently changing their attacks to defeat detection and expand the number of victims they net, say security experts monitoring the threat landscape.

A payment processor had malware on its systems for more than a year, according to Goodwill, as third-party data security lapses continue to be a serious challenge for merchants attempting to safeguard sensitive data.